I’ve been thinking a lot about social engineering lately, so I’m going to highlight some of my favorite social engineering resources.
Social Engineering: The Art of Human Hacking
Chris Hadnagy’s book, Social Engineering: The Art of Human Hacking is the authoritative guide on social engineering techniques and counter-measures. Chris describes many of the techniques and approaches used by social engineers, ranging from basic pretexting to full-on neuro-linguistic programming. You can’t protect against what you can’t recognize, so being able to identify the techniques of social engineering is the first step to protecting yourself and your organization.
The Art of Social Engineering?
Kevin Mitnick is widely regarded as one of the world’s best social engineers. He’s published a number of books that describe stories of hacks and social engineering, both his and those he’s worked with. There’s The Art of Deception and The Art of Intrusion which describe a variety of different hacks using different techniques ranging from entirely social engineering-based to entirely technical. More personal is Ghost in the Wires which describes Mitnick’s own exploits when he was considered the nation’s most wanted hacker.
And a little fiction….
Over the past couple of weeks, I’ve read the “Geek Mafia” series by Rick Dakan. While this is a fictional series, it deals a lot with hacking & social engineering, and is remarkable technically accurate. I was impressed with the overall quality and with the technical content. There’s 3 books in the series: Geek Mafia, Geek Mafia: Mile Zero, and Geek Mafia: Black Hat Blues.